Invisioncommunity

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-47916 CRITICAL POC THREAT Act Now

Invision Community 5.0.0 through 5.0.6 contains an unauthenticated remote code execution vulnerability in the template engine's themeeditor.php. By crafting template conditional strings using PHP's alternative function call syntax, attackers bypass security filters and execute arbitrary PHP code on the server.

PHP RCE Ssti Invisioncommunity

NVD Exploit-DB

CVSS 3.1

10.0

EPSS

90.7%

CVE-2025-47916

EPSS 91% CVSS 10.0

CRITICAL POC THREAT Act Now

Invision Community 5.0.0 through 5.0.6 contains an unauthenticated remote code execution vulnerability in the template engine's themeeditor.php. By crafting template conditional strings using PHP's alternative function call syntax, attackers bypass security filters and execute arbitrary PHP code on the server.

PHP RCE Ssti +1

NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy